Resources

This page provides an overview of projects that support RPKI. It includes, statistics, measurements projects and presentations about operational experiences. Finally, there is an overview of all work in the Internet Engineering Task Force relevant to RPKI.

The Software Projects page an overview of all available tools for using RPKI.

Books

BGP RPKI: Instructions for use, by Flavio Luciani & Tiziano Tofoni (PDF)

Juniper Day One: Deploying BGP Routing Security, by Melchior Aelmans & Niels Raijer (PDF)

Insights and Statistics

There are several initiatives that measure the adoption and data quality of RPKI:

Operational Experiences

RPKI Deployment Considerations for ISPs

Document by Rich Compton - Charter Communications, with contributions from the operator community

Using RPKI with IXP Manager

Documentation to set up Routinator, OctoRPKI and the RIPE NCC Validator with BIRD 2.x

Use Routinator with Cisco IOS-XR

Blog post by Fabien Vincent

Wikimedia RPKI Validation Implementation

Documentation by Arzhel Younsi describing RPKI validator and router configuration

Dropping RPKI invalid routes in a service provider network

Lightning talk by Nimrod Levy - AT&T, NANOG 75, February 2019

RPKI and BGP: our path to securing Internet Routing

Blog post by Jérôme Fleury & Louis Poinsignon - Cloudflare, September 2018

RPKI For Managers

Presentation by Niels Raijer - Fusix Networks, NLNOG Day 2018, September 2018

RPKI at IXP Route Servers

Presentation by Nick Hilliard - INEX, RIPE 78, May 2019

Lessons learned: NTT’s RPKI deployment

Presentation by Job Snijders - NANOG 79, June 2020

Examples of BGP Hijacks

How Verizon and a BGP Optimizer Knocked Large Parts of the Internet Offline Today

Cloudflare Blog, 24 June 2019

BGP / DNS Hijacks Target Payment Systems

Oracle Internet Intelligence, 3 August 2018

Shutting down the BGP Hijack Factory

Oracle Dyn, 10 July 2018

Suspicious event hijacks Amazon traffic for 2 hours, steals cryptocurrency

Ars Technica, 24 April 2018

Popular Destinations rerouted to Russia

BGPmon, 12 December 2017

Insecure routing redirects YouTube to Pakistan

Ars Technica, 25 February 2008

IETF Documents

Most of the original work on RPKI standardisation for both origin and path validation was done in the Secure Inter-Domain Routing (sidr) working group. After the work was completed, the working group was concluded.

Since then, the SIDR Operations (sidrops) working group was formed. This working group develops guidelines for the operation of SIDR-aware networks, and provides operational guidance on how to deploy and operate SIDR technologies in existing and new networks.

All relevant drafts and standards can be found in the archives of these two working groups as well as the RPKI RFCs Graph.